Alternatives to fail2ban in the Kubernetes world? Intrusion prevention/block bad auths

Cluster information:

Kubernetes version: v1.22.0
Cloud being used: Bare-metal
Installation method: Ansilbe
Host OS: Debian 11
CNI and version: Calico v3.20.1

I have recently started using Kubernetes instead of docker and I am curious what other people use for intrusion prevention?

When I was using docker I just sent all my logs to a central syslog server and used fail2ban to block spammers/brute force bots.

1 Like

@release-team

Is there anyone who can answer this?

Because I am receiving multiple calls from Gmail email link click!
I was not facing this challenge in Apache Tomcat setup, but in Istio K8s env yes I am struggling with this issue

are you trying to filter out bots? I would use captcha (google’s for example) for that and not a mechanism like fail2ban.

if your container has different needs (other than form spam protection) it would help if you specify what is your exact need in order to recommend the proper solution.